AI can help SMEs withstand hacker attacks: expert

January 11, 2018 18:33
Kris Hagerman, CEO of cybersecurity firm Sophos, points out that companies, regardless of their size, are currently confronted with the risk of hacker attacks. Photo: HKEJ

Artificial intelligence (AI) has gained so much foothold in the world of business that cybersecurity has become one of its latest applications.

Among the firms that are capitalizing on the trend is UK-based cybersecurity firm Sophos, which has seen its business grow rapidly after it incorporated deep-learning technology into its products.

Kris Hagerman, the firm's chief executive, points out that companies, regardless of their size, are currently confronted with the risk of hacker attacks.

To ensure smooth operations, cybersecurity has to be given top priority to help the firms deal with various potential challenges.

Financial giant JP Morgan Chase, according to Hagerman, spent US$800 million (around HK$6.24 billion) on cybersecurity last year.

When it comes to cybersecurity, companies or organizations in different industries would face similar threats, including even the small and medium enterprises (SMEs), Hagerman told the Hong Kong Economic Journal.

But SMEs often lack manpower to deal with the issue, putting them in a particularly vulnerable position. They may only have a few information technology staff members who need to shoulder a wide range of computer or network duties.

Given this, the smaller firms have a bigger need for a highly efficient cybersecurity system that is also easy to manage, Hagerman says.

Founded in 1985, Sophos currently houses about 3,000 employees worldwide, and takes care of nearly 100 million end-users. The sensors at the users can provide AI with different data in relation to hacker threats, which is beneficial to development of deep-learning.

Hagerman notes that 300,000 to 400,000 items of data can be collected on average every day. The more data accumulated, the stronger is the algorithm.

Sophos does not carry out direct sales of its products. Instead, it relies on sales channels of its partners, because each industry has its own characteristics, and communication between partners and users is more effective.

Ride-hailing app operator Uber disclosed last year that it suffered a hacker attack in 2016, leading to leak of data on 57 million customers, including both riders and drivers. The company admitted that it paid hackers US$100,000 to keep the breach a secret and to delete the data.

Hagerman said Uber should not have paid the fee, as hackers are just not trustworthy. Protecting the data of customers and staff is the most fundamental duty of a firm, he stressed. Once a problem arises, a company needs to take responsibility and resolve the matter, rather than conceal it.

The cybersecurity expert notes that personal data-related policies have been introduced recently in different places such as the European Union, where there is the General Data Protection Regulation. The US is also prepared to follow suit.

The ordinance requires that a company must disclose to the public promptly any incident of data leakage and also alert the authorities.

Companies may sometimes find the process a bit painful, but they owe it to their customers and other stakeholders, says Hagerman.

This article appeared in the Hong Kong Economic Journal on Jan 11

Translation by Jonathan Chong

[Chinese version 中文版]

– Contact us at [email protected]